From 53033c081a07ac4e2f81b8cb4891a281281c6b67 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 1 Oct 1998 01:27:47 +0000 Subject: Fixed *nasty* bug in nt_lm_owf_gen() - this function was not ensuring a zero filled buffer before doing crypto stuff. See PR#10121. Beware of this ! Jeremy. (This used to be commit c42fb702b70f18dfe3b97ce7ea24c4ce4b3f890f) --- source3/libsmb/smbencrypt.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/libsmb') diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index 5a946e22c9..89c6eba810 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -101,7 +101,9 @@ void E_md4hash(uchar *passwd, uchar *p16) void nt_lm_owf_gen(char *pwd, uchar nt_p16[16], uchar p16[16]) { char passwd[130]; - StrnCpy(passwd, pwd, sizeof(passwd)-1); + + memset(passwd,'\0',130); + safe_strcpy( passwd, pwd, sizeof(passwd)-1); /* Calculate the MD4 hash (NT compatible) of the password */ memset(nt_p16, '\0', 16); -- cgit